Yahoo has confirmed a number of ads on its European sites were serving malware to visitors for three days over the New Year period.
The issue was first noted by Dutch IT security company Fox-IT, which said in a blog post it had detected and investigated infections suffered by clients who had visited yahoo.com.
According to the organisation, those who clicked on the ads were redirected to a Magnitude exploit kit, which can install various different malware including ZeuS, Andromeda and Necurs.
The malicious ads first appeared on 31 December until 3 January, after Yahoo removed them.
A Yahoo spokesperson told IT Pro: "At Yahoo, we take the safety and privacy of our users seriously. From December 31 to January 3 on our European sites we served some advertisements that...spread malware. Users in North America, Asia Pacific and Latin America...were not affected. Additionally, users using Macs and mobile devices were not affected."
The company said it is continuing to monitor the adverts appearing on its sites for any other suspicious activity.
Further information for users will also be posted shortly, the spokesperson said.
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Third time lucky? Microsoft finally begins roll-out of controversial Recall featureNews The Windows Recall feature has been plagued by setbacks and backlash from security professionals
-
The worst hacks of all timeIn-depth Yahoo, LinkedIn, Facebook, here is a quick guide to some of the biggest data breaches in history
-
New Adload malware bypasses Apple’s XProtect to infect macOS devicesNews Old malware retooled to evade Apple defenses
-
Common malware slipped past the macOS notarization process twiceNews Apple immediately revoked the notarization, but the adware slipped through again
-
Researchers blast Swedish developer WakeNet AB for ‘deceptively’ spreading adwareNews Bad actors are using tools like 'embed movie' to coax victims into installing software that house adware
-
Zacinlo malware threatens Windows 10 PCs' securityNews Malware takes screenshots of users' desktops, and has been operating silently for six years
-
Yahoo handed £250,000 fine over 2014 data breachNews ICO punishes Yahoo's UK arm for failing to protect 515,000 Brits
-
Canadian pleads guilty to Yahoo hack
News Karim Baratov was paid by Russian security agents to break into Yahoo accounts in 2014
-
Russia denies it's responsible for Yahoo hackNews The Kremlin said there's "absolutely no question of any official involvement by any Russian agency"
